diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 75a7a00..ff53faf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,4 +5,6 @@ on: [push, pull_request] jobs: ci: - uses: catalyst/catalyst-moodle-workflows/.github/workflows/ci.yml@main \ No newline at end of file + uses: catalyst/catalyst-moodle-workflows/.github/workflows/ci.yml@main + secrets: + moodle_org_token: ${{ secrets.MOODLE_ORG_TOKEN }} \ No newline at end of file diff --git a/README.md b/README.md index 5d4dedb..e79745e 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,12 @@ application. The main idea is to make a web call to moodle and provide one of th fields to find required user and generate one time login URL. A user can be redirected to this URL to be log in to Moodle without typing username and password. +# Versions and branches + +| Moodle Version | Branch | +|------------------|-------------------| +| Moodle 3.3 - 4.1 | MOODLE_33PLUS | +| Moodle 4.5+ | MOODLE_405_STABLE | Using ----- diff --git a/auth.php b/auth.php index 2af18a2..8ea5e75 100644 --- a/auth.php +++ b/auth.php @@ -28,14 +28,13 @@ use auth_userkey\userkey_manager_interface; use core_external\external_value; -require_once($CFG->libdir.'/authlib.php'); +require_once($CFG->libdir . '/authlib.php'); require_once($CFG->dirroot . '/user/lib.php'); /** * User key authentication plugin. */ class auth_plugin_userkey extends auth_plugin_base { - /** * Default mapping field. */ @@ -53,7 +52,7 @@ class auth_plugin_userkey extends auth_plugin_base { * * @var array */ - protected $defaults = array( + protected $defaults = [ 'mappingfield' => self::DEFAULT_MAPPING_FIELD, 'keylifetime' => 60, 'iprestriction' => 0, @@ -62,7 +61,7 @@ class auth_plugin_userkey extends auth_plugin_base { 'ssourl' => '', 'createuser' => false, 'updateuser' => false, - ); + ]; /** * Constructor. @@ -297,14 +296,16 @@ protected function create_user(array $data) { throw new invalid_parameter_exception('Unable to create user, missing value(s): ' . implode(',', $missingfields)); } - if ($DB->record_exists('user', array('username' => $user['username'], 'mnethostid' => $CFG->mnet_localhost_id))) { - throw new invalid_parameter_exception('Username already exists: '.$user['username']); + if ($DB->record_exists('user', ['username' => $user['username'], 'mnethostid' => $CFG->mnet_localhost_id])) { + throw new invalid_parameter_exception('Username already exists: ' . $user['username']); } if (!validate_email($user['email'])) { - throw new invalid_parameter_exception('Email address is invalid: '.$user['email']); - } else if (empty($CFG->allowaccountssameemail) && - $DB->record_exists('user', array('email' => $user['email'], 'mnethostid' => $user['mnethostid']))) { - throw new invalid_parameter_exception('Email address already exists: '.$user['email']); + throw new invalid_parameter_exception('Email address is invalid: ' . $user['email']); + } else if ( + empty($CFG->allowaccountssameemail) && + $DB->record_exists('user', ['email' => $user['email'], 'mnethostid' => $user['mnethostid']]) + ) { + throw new invalid_parameter_exception('Email address already exists: ' . $user['email']); } $userid = user_create_user($user); @@ -341,20 +342,20 @@ protected function update_user(\stdClass $user, array $data) { if ( $user->username != $userdata['username'] && - $DB->record_exists('user', array('username' => $userdata['username'], 'mnethostid' => $CFG->mnet_localhost_id)) + $DB->record_exists('user', ['username' => $userdata['username'], 'mnethostid' => $CFG->mnet_localhost_id]) ) { - throw new invalid_parameter_exception('Username already exists: '.$userdata['username']); + throw new invalid_parameter_exception('Username already exists: ' . $userdata['username']); } if (!validate_email($userdata['email'])) { - throw new invalid_parameter_exception('Email address is invalid: '.$userdata['email']); + throw new invalid_parameter_exception('Email address is invalid: ' . $userdata['email']); } else if ( empty($CFG->allowaccountssameemail) && $user->email != $userdata['email'] && - $DB->record_exists('user', array('email' => $userdata['email'], 'mnethostid' => $CFG->mnet_localhost_id)) + $DB->record_exists('user', ['email' => $userdata['email'], 'mnethostid' => $CFG->mnet_localhost_id]) ) { - throw new invalid_parameter_exception('Email address already exists: '.$userdata['email']); + throw new invalid_parameter_exception('Email address already exists: ' . $userdata['email']); } $userdata['id'] = $user->id; @@ -402,10 +403,10 @@ protected function get_user(array $data) { $mappingfield = $this->get_mapping_field(); - $params = array( + $params = [ $mappingfield => $data[$mappingfield], 'mnethostid' => $CFG->mnet_localhost_id, - ); + ]; $user = $DB->get_record('user', $params); @@ -476,11 +477,11 @@ public function get_login_url($data) { * @return array */ public function get_allowed_mapping_fields() { - return array( + return [ 'username' => get_string('username'), 'email' => get_string('email'), 'idnumber' => get_string('idnumber'), - ); + ]; } /** @@ -493,34 +494,34 @@ protected function get_mapping_parameter() { switch ($mappingfield) { case 'username': - $parameter = array( + $parameter = [ 'username' => new external_value( PARAM_USERNAME, 'Username' ), - ); + ]; break; case 'email': - $parameter = array( + $parameter = [ 'email' => new external_value( PARAM_EMAIL, 'A valid email address' ), - ); + ]; break; case 'idnumber': - $parameter = array( + $parameter = [ 'idnumber' => new external_value( PARAM_RAW, 'An arbitrary ID code number perhaps from the institution' ), - ); + ]; break; default: - $parameter = array(); + $parameter = []; break; } @@ -533,7 +534,7 @@ protected function get_mapping_parameter() { * @return array */ protected function get_user_fields_parameters() { - $parameters = array(); + $parameters = []; if ($this->is_ip_restriction_enabled()) { $parameters['ip'] = new external_value( @@ -594,7 +595,6 @@ protected function should_login_redirect() { if (isset($this->config->ssourl) && $this->config->ssourl != '' && !$skipsso) { return true; } - } /** diff --git a/classes/core_userkey_manager.php b/classes/core_userkey_manager.php index bb05ed5..31af466 100644 --- a/classes/core_userkey_manager.php +++ b/classes/core_userkey_manager.php @@ -24,7 +24,6 @@ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class core_userkey_manager implements userkey_manager_interface { - /** * This script script required by core create_user_key(). */ @@ -108,10 +107,10 @@ public function delete_keys($userid) { public function validate_key($keyvalue) { global $DB; - $options = array( + $options = [ 'script' => self::CORE_USER_KEY_MANAGER_SCRIPT, - 'value' => $keyvalue - ); + 'value' => $keyvalue, + ]; if (!$key = $DB->get_record('user_private_key', $options)) { throw new \moodle_exception('invalidkey'); @@ -123,7 +122,7 @@ public function validate_key($keyvalue) { $this->validate_ip_address($key); - if (!$user = $DB->get_record('user', array('id' => $key->userid))) { + if (!$user = $DB->get_record('user', ['id' => $key->userid])) { throw new \moodle_exception('invaliduserid'); } return $key; diff --git a/classes/privacy/provider.php b/classes/privacy/provider.php index 8ad305b..6f1d6ba 100644 --- a/classes/privacy/provider.php +++ b/classes/privacy/provider.php @@ -35,7 +35,6 @@ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class provider implements null_provider { - use legacy_polyfill; /** @@ -47,5 +46,4 @@ class provider implements null_provider { public static function _get_reason() { return 'privacy:metadata'; } - } diff --git a/classes/userkey_manager_interface.php b/classes/userkey_manager_interface.php index 3274df8..c802497 100644 --- a/classes/userkey_manager_interface.php +++ b/classes/userkey_manager_interface.php @@ -57,5 +57,4 @@ public function delete_keys($userid); * @throws \moodle_exception If provided key is not valid. */ public function validate_key($keyvalue); - } diff --git a/db/access.php b/db/access.php index d1519c4..44910d5 100644 --- a/db/access.php +++ b/db/access.php @@ -24,13 +24,13 @@ defined('MOODLE_INTERNAL') || die(); -$capabilities = array( - 'auth/userkey:generatekey' => array( - 'riskbitmask' => RISK_PERSONAL | RISK_SPAM | RISK_XSS , +$capabilities = [ + 'auth/userkey:generatekey' => [ + 'riskbitmask' => RISK_PERSONAL | RISK_SPAM | RISK_XSS, 'captype' => 'write', 'contextlevel' => CONTEXT_SYSTEM, - 'archetypes' => array( - ), - ), -); + 'archetypes' => [ + ], + ], +]; diff --git a/db/services.php b/db/services.php index 9271a46..55cd8a7 100644 --- a/db/services.php +++ b/db/services.php @@ -24,21 +24,21 @@ defined('MOODLE_INTERNAL') || die; -$functions = array( - 'auth_userkey_request_login_url' => array( +$functions = [ + 'auth_userkey_request_login_url' => [ 'classname' => 'auth_userkey_external', 'methodname' => 'request_login_url', 'classpath' => 'auth/userkey/externallib.php', 'description' => 'Return one time key based login URL', 'type' => 'write', 'capabilities' => 'auth/userkey:generatekey', - ) -); + ], +]; -$services = array( - 'User key authentication web service' => array( - 'functions' => array ('auth_userkey_request_login_url'), +$services = [ + 'User key authentication web service' => [ + 'functions' => ['auth_userkey_request_login_url'], 'restrictedusers' => 1, 'enabled' => 1, - ) -); + ], +]; diff --git a/db/upgrade.php b/db/upgrade.php index 70c844b..9d82856 100644 --- a/db/upgrade.php +++ b/db/upgrade.php @@ -33,7 +33,7 @@ function xmldb_auth_userkey_upgrade($oldversion) { if ($oldversion < 2018050200) { // Confirm all previously created users. - $DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", array(1, 'userkey')); + $DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", [1, 'userkey']); upgrade_plugin_savepoint(true, 2018050200, 'auth', 'userkey'); } diff --git a/externallib.php b/externallib.php index 0a23716..cd1bec9 100644 --- a/externallib.php +++ b/externallib.php @@ -39,7 +39,6 @@ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class auth_userkey_external extends external_api { - /** * Return request_login_url webservice parameters. * @@ -47,11 +46,11 @@ class auth_userkey_external extends external_api { */ public static function request_login_url_parameters() { return new external_function_parameters( - array( + [ 'user' => new external_single_structure( get_auth_plugin('userkey')->get_request_login_url_user_parameters() - ) - ) + ), + ] ); } @@ -77,9 +76,9 @@ public static function request_login_url($user) { $auth = get_auth_plugin('userkey'); $loginurl = $auth->get_login_url($user); - return array( + return [ 'loginurl' => $loginurl, - ); + ]; } /** @@ -89,10 +88,9 @@ public static function request_login_url($user) { */ public static function request_login_url_returns() { return new external_single_structure( - array( + [ 'loginurl' => new external_value(PARAM_RAW, 'Login URL for a user to log in'), - ) + ] ); } - } diff --git a/lang/en/auth_userkey.php b/lang/en/auth_userkey.php index 4b87032..05765f6 100644 --- a/lang/en/auth_userkey.php +++ b/lang/en/auth_userkey.php @@ -23,11 +23,13 @@ */ defined('MOODLE_INTERNAL') || die; - -$string['pluginname'] = 'User key authentication'; $string['auth_userkeydescription'] = 'Log in to Moodle using one time user key.'; -$string['mappingfield'] = 'Mapping field'; -$string['mappingfield_desc'] = 'This user field will be used to find relevant user in the LMS.'; +$string['createuser'] = 'Create user?'; +$string['createuser_desc'] = 'If enabled, a new user will be created if fail to find one in LMS.'; +$string['incorrectkeylifetime'] = 'User key life time should be a number'; +$string['incorrectlogout'] = 'Incorrect logout request'; +$string['incorrectredirecturl'] = 'You should provide valid URL'; +$string['incorrectssourl'] = 'You should provide valid URL'; $string['iprestriction'] = 'IP restriction'; $string['iprestriction_desc'] = 'If enabled, a web call has to contain "ip" parameter when requesting login URL. A user has to have provided IP to be able to use a key to login to LMS.'; @@ -37,20 +39,17 @@ \nIf the route to either the system issuing tokens or this Moodle is via a private address range then set this value to 10.0.0.0/8;172.16.0.0/12;192.168.0.0/16"; $string['keylifetime'] = 'User key life time'; $string['keylifetime_desc'] = 'Life time in seconds of the each user login key.'; -$string['incorrectkeylifetime'] = 'User key life time should be a number'; -$string['createuser'] = 'Create user?'; -$string['createuser_desc'] = 'If enabled, a new user will be created if fail to find one in LMS.'; -$string['updateuser'] = 'Update user?'; -$string['updateuser_desc'] = 'If enabled, users will be updated with the properties supplied when the webservice is called.'; +$string['mappingfield'] = 'Mapping field'; +$string['mappingfield_desc'] = 'This user field will be used to find relevant user in the LMS.'; +$string['noip'] = 'Unable to fetch IP address of client.'; +$string['pluginisdisabled'] = 'The userkey authentication plugin is disabled.'; +$string['pluginname'] = 'User key authentication'; +$string['privacy:metadata'] = 'User key authentication plugin does not store any personal data.'; +$string['redirecterrordetected'] = 'Unsupported redirect to {$a} detected, execution terminated.'; $string['redirecturl'] = 'Logout redirect URL'; $string['redirecturl_desc'] = 'Optionally you can redirect users to this URL after they logged out from LMS.'; -$string['incorrectredirecturl'] = 'You should provide valid URL'; -$string['incorrectssourl'] = 'You should provide valid URL'; -$string['userkey:generatekey'] = 'Generate login user key'; -$string['pluginisdisabled'] = 'The userkey authentication plugin is disabled.'; $string['ssourl'] = 'URL of SSO host'; $string['ssourl_desc'] = 'URL of the SSO host to redirect users to. If defined users will be redirected here on login instead of the Moodle Login page'; -$string['redirecterrordetected'] = 'Unsupported redirect to {$a} detected, execution terminated.'; -$string['noip'] = 'Unable to fetch IP address of client.'; -$string['privacy:metadata'] = 'User key authentication plugin does not store any personal data.'; -$string['incorrectlogout'] = 'Incorrect logout request'; +$string['updateuser'] = 'Update user?'; +$string['updateuser_desc'] = 'If enabled, users will be updated with the properties supplied when the webservice is called.'; +$string['userkey:generatekey'] = 'Generate login user key'; diff --git a/settings.php b/settings.php index 1e9cf42..6dca0fb 100644 --- a/settings.php +++ b/settings.php @@ -25,43 +25,81 @@ defined('MOODLE_INTERNAL') || die; if ($ADMIN->fulltree) { - $yesno = array(get_string('no'), get_string('yes')); + $yesno = [get_string('no'), get_string('yes')]; $fields = get_auth_plugin('userkey')->get_allowed_mapping_fields(); - $settings->add(new admin_setting_configselect('auth_userkey/mappingfield', + $settings->add(new admin_setting_configselect( + 'auth_userkey/mappingfield', new lang_string('mappingfield', 'auth_userkey'), - new lang_string('mappingfield_desc', 'auth_userkey'), auth_plugin_userkey::DEFAULT_MAPPING_FIELD, $fields)); + new lang_string('mappingfield_desc', 'auth_userkey'), + auth_plugin_userkey::DEFAULT_MAPPING_FIELD, + $fields + )); - $settings->add(new admin_setting_configtext('auth_userkey/keylifetime', get_string('keylifetime', 'auth_userkey'), - get_string('keylifetime_desc', 'auth_userkey', 'auth'), - '60', PARAM_INT)); + $settings->add(new admin_setting_configtext( + 'auth_userkey/keylifetime', + get_string('keylifetime', 'auth_userkey'), + get_string('keylifetime_desc', 'auth_userkey', 'auth'), + '60', + PARAM_INT + )); - $settings->add(new admin_setting_configselect('auth_userkey/iprestriction', - new lang_string('iprestriction', 'auth_userkey'), - new lang_string('iprestriction_desc', 'auth_userkey'), 0, $yesno)); + $settings->add(new admin_setting_configselect( + 'auth_userkey/iprestriction', + new lang_string('iprestriction', 'auth_userkey'), + new lang_string('iprestriction_desc', 'auth_userkey'), + 0, + $yesno + )); - $settings->add(new admin_setting_configtext('auth_userkey/ipwhitelist', get_string('ipwhitelist', 'auth_userkey'), - get_string('ipwhitelist_desc', 'auth_userkey', 'auth'), - '', PARAM_TEXT)); + $settings->add(new admin_setting_configtext( + 'auth_userkey/ipwhitelist', + get_string('ipwhitelist', 'auth_userkey'), + get_string('ipwhitelist_desc', 'auth_userkey', 'auth'), + '', + PARAM_TEXT + )); - $settings->add(new admin_setting_configtext('auth_userkey/redirecturl', get_string('redirecturl', 'auth_userkey'), - get_string('redirecturl_desc', 'auth_userkey', 'auth'), - '', PARAM_URL)); + $settings->add(new admin_setting_configtext( + 'auth_userkey/redirecturl', + get_string('redirecturl', 'auth_userkey'), + get_string('redirecturl_desc', 'auth_userkey', 'auth'), + '', + PARAM_URL + )); - $settings->add(new admin_setting_configtext('auth_userkey/ssourl', get_string('ssourl', 'auth_userkey'), - get_string('ssourl_desc', 'auth_userkey', 'auth'), - '', PARAM_URL)); + $settings->add(new admin_setting_configtext( + 'auth_userkey/ssourl', + get_string('ssourl', 'auth_userkey'), + get_string('ssourl_desc', 'auth_userkey', 'auth'), + '', + PARAM_URL + )); - $settings->add(new admin_setting_configselect('auth_userkey/createuser', - new lang_string('createuser', 'auth_userkey'), - new lang_string('createuser_desc', 'auth_userkey'), 0, $yesno)); + $settings->add(new admin_setting_configselect( + 'auth_userkey/createuser', + new lang_string('createuser', 'auth_userkey'), + new lang_string('createuser_desc', 'auth_userkey'), + 0, + $yesno + )); - $settings->add(new admin_setting_configselect('auth_userkey/updateuser', - new lang_string('updateuser', 'auth_userkey'), - new lang_string('updateuser_desc', 'auth_userkey'), 0, $yesno)); + $settings->add(new admin_setting_configselect( + 'auth_userkey/updateuser', + new lang_string('updateuser', 'auth_userkey'), + new lang_string('updateuser_desc', 'auth_userkey'), + 0, + $yesno + )); // Display locking / mapping of profile fields. $authplugin = get_auth_plugin('userkey'); - display_auth_lock_options($settings, $authplugin->authtype, - $authplugin->userfields, get_string('auth_fieldlocks_help', 'auth'), false, false); + display_auth_lock_options( + $settings, + $authplugin->authtype, + $authplugin->userfields, + get_string('auth_fieldlocks_help', 'auth'), + false, + false + ); } diff --git a/tests/auth_plugin_test.php b/tests/auth_plugin_test.php index 0e99794..bd34408 100644 --- a/tests/auth_plugin_test.php +++ b/tests/auth_plugin_test.php @@ -32,7 +32,7 @@ * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class auth_plugin_test extends advanced_testcase { +final class auth_plugin_test extends advanced_testcase { /** * An instance of auth_plugin_userkey class. * @var auth_plugin_userkey @@ -41,7 +41,7 @@ class auth_plugin_test extends advanced_testcase { /** * User object. - * @var + * @var $user */ protected $user; @@ -109,7 +109,7 @@ protected function create_user_private_key(array $record = []) { /** * Test that users can't login using login form. */ - public function test_users_can_not_login_using_login_form() { + public function test_users_can_not_login_using_login_form(): void { $user = new stdClass(); $user->auth = 'userkey'; $user->username = 'username'; @@ -124,28 +124,28 @@ public function test_users_can_not_login_using_login_form() { /** * Test that the plugin doesn't allow to store users passwords. */ - public function test_auth_plugin_does_not_allow_to_store_passwords() { + public function test_auth_plugin_does_not_allow_to_store_passwords(): void { $this->assertTrue($this->auth->prevent_local_passwords()); } /** * Test that the plugin is external. */ - public function test_auth_plugin_is_external() { + public function test_auth_plugin_is_external(): void { $this->assertFalse($this->auth->is_internal()); } /** * Test that the plugin doesn't allow users to change the passwords. */ - public function test_auth_plugin_does_not_allow_to_change_passwords() { + public function test_auth_plugin_does_not_allow_to_change_passwords(): void { $this->assertFalse($this->auth->can_change_password()); } /** * Test that default mapping field gets returned correctly. */ - public function test_get_default_mapping_field() { + public function test_get_default_mapping_field(): void { $expected = 'email'; $actual = $this->auth->get_mapping_field(); @@ -155,7 +155,7 @@ public function test_get_default_mapping_field() { /** * Test that logout page hook sets global redirect variable correctly. */ - public function test_logoutpage_hook_sets_global_redirect_correctly() { + public function test_logoutpage_hook_sets_global_redirect_correctly(): void { global $redirect, $SESSION; $this->auth->logoutpage_hook(); @@ -182,7 +182,7 @@ public function test_logoutpage_hook_sets_global_redirect_correctly() { /** * Test that configured mapping field gets returned correctly. */ - public function test_get_mapping_field() { + public function test_get_mapping_field(): void { set_config('mappingfield', 'username', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -195,8 +195,8 @@ public function test_get_mapping_field() { /** * Test that auth plugin throws correct exception if default mapping field is not provided. */ - public function test_throwing_exception_if_default_mapping_field_is_not_provided() { - $user = array(); + public function test_throwing_exception_if_default_mapping_field_is_not_provided(): void { + $user = []; $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)'); @@ -206,8 +206,8 @@ public function test_throwing_exception_if_default_mapping_field_is_not_provided /** * Test that auth plugin throws correct exception if username mapping field is not provided, but set in configs. */ - public function test_throwing_exception_if_mapping_field_username_is_not_provided() { - $user = array(); + public function test_throwing_exception_if_mapping_field_username_is_not_provided(): void { + $user = []; set_config('mappingfield', 'username', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -220,8 +220,8 @@ public function test_throwing_exception_if_mapping_field_username_is_not_provide /** * Test that auth plugin throws correct exception if idnumber mapping field is not provided, but set in configs. */ - public function test_throwing_exception_if_mapping_field_idnumber_is_not_provided() { - $user = array(); + public function test_throwing_exception_if_mapping_field_idnumber_is_not_provided(): void { + $user = []; set_config('mappingfield', 'idnumber', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -234,8 +234,8 @@ public function test_throwing_exception_if_mapping_field_idnumber_is_not_provide /** * Test that auth plugin throws correct exception if we trying to request not existing user. */ - public function test_throwing_exception_if_user_is_not_exist() { - $user = array(); + public function test_throwing_exception_if_user_is_not_exist(): void { + $user = []; $user['email'] = 'notexists@test.com'; $this->expectException(invalid_parameter_exception::class); @@ -247,8 +247,8 @@ public function test_throwing_exception_if_user_is_not_exist() { * Test that auth plugin throws correct exception if we trying to request user, * but ip field is not set and iprestriction is enabled. */ - public function test_throwing_exception_if_iprestriction_is_enabled_but_ip_is_missing_in_data() { - $user = array(); + public function test_throwing_exception_if_iprestriction_is_enabled_but_ip_is_missing_in_data(): void { + $user = []; $user['email'] = 'exists@test.com'; set_config('iprestriction', true, 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -262,10 +262,10 @@ public function test_throwing_exception_if_iprestriction_is_enabled_but_ip_is_mi /** * Test that we can request a user provided user data as an array. */ - public function test_return_correct_login_url_if_user_is_array() { + public function test_return_correct_login_url_if_user_is_array(): void { global $CFG; - $user = array(); + $user = []; $user['username'] = 'username'; $user['email'] = 'exists@test.com'; @@ -283,7 +283,7 @@ public function test_return_correct_login_url_if_user_is_array() { /** * Test that we can request a user provided user data as an object. */ - public function test_return_correct_login_url_if_user_is_object() { + public function test_return_correct_login_url_if_user_is_object(): void { global $CFG; $user = new stdClass(); @@ -304,7 +304,7 @@ public function test_return_correct_login_url_if_user_is_object() { /** * Test that we can request a user provided user data as an object. */ - public function test_return_correct_login_url_if_iprestriction_is_enabled_and_data_is_correct() { + public function test_return_correct_login_url_if_iprestriction_is_enabled_and_data_is_correct(): void { global $CFG; $user = new stdClass(); @@ -326,7 +326,7 @@ public function test_return_correct_login_url_if_iprestriction_is_enabled_and_da /** * Test that we can request a key for a new user. */ - public function test_return_correct_login_url_and_create_new_user() { + public function test_return_correct_login_url_and_create_new_user(): void { global $CFG, $DB; set_config('createuser', true, 'auth_userkey'); @@ -358,7 +358,7 @@ public function test_return_correct_login_url_and_create_new_user() { /** * Test that we can request a key for a new user. */ - public function test_missing_data_to_create_user() { + public function test_missing_data_to_create_user(): void { global $CFG, $DB; set_config('createuser', true, 'auth_userkey'); @@ -380,7 +380,7 @@ public function test_missing_data_to_create_user() { /** * Test that when we attempt to create a new user duplicate usernames are caught. */ - public function test_create_refuse_duplicate_username() { + public function test_create_refuse_duplicate_username(): void { set_config('createuser', true, 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -409,7 +409,7 @@ public function test_create_refuse_duplicate_username() { /** * Test that when we attempt to create a new user duplicate emails are caught. */ - public function test_create_refuse_duplicate_email() { + public function test_create_refuse_duplicate_email(): void { set_config('createuser', true, 'auth_userkey'); set_config('mappingfield', 'username', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -439,7 +439,7 @@ public function test_create_refuse_duplicate_email() { /** * Test that we can request a key for an existing user and update their details. */ - public function test_return_correct_login_url_and_update_user() { + public function test_return_correct_login_url_and_update_user(): void { global $CFG, $DB; set_config('updateuser', true, 'auth_userkey'); @@ -481,7 +481,7 @@ public function test_return_correct_login_url_and_update_user() { /** * Test that when we attempt to update a user duplicate emails are caught. */ - public function test_update_refuse_duplicate_email() { + public function test_update_refuse_duplicate_email(): void { set_config('updateuser', true, 'auth_userkey'); set_config('mappingfield', 'username', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -509,7 +509,7 @@ public function test_update_refuse_duplicate_email() { /** * Test that when we attempt to update a user duplicate usernames are caught. */ - public function test_update_refuse_duplicate_username() { + public function test_update_refuse_duplicate_username(): void { set_config('updateuser', true, 'auth_userkey'); $this->auth = new auth_plugin_userkey(); @@ -536,10 +536,10 @@ public function test_update_refuse_duplicate_username() { /** * Test that we can get login url if we do not use fake keymanager. */ - public function test_return_correct_login_url_if_user_is_object_using_default_keymanager() { + public function test_return_correct_login_url_if_user_is_object_using_default_keymanager(): void { global $DB, $CFG; - $user = array(); + $user = []; $user['username'] = 'username'; $user['email'] = 'exists@test.com'; @@ -548,16 +548,16 @@ public function test_return_correct_login_url_if_user_is_object_using_default_ke create_user_key('auth/userkey', $user->id); create_user_key('auth/userkey', $user->id); create_user_key('auth/userkey', $user->id); - $keys = $DB->get_records('user_private_key', array('userid' => $user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $user->id]); $this->assertEquals(3, count($keys)); $actual = $this->auth->get_login_url($user); - $keys = $DB->get_records('user_private_key', array('userid' => $user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $user->id]); $this->assertEquals(1, count($keys)); - $actualkey = $DB->get_record('user_private_key', array('userid' => $user->id)); + $actualkey = $DB->get_record('user_private_key', ['userid' => $user->id]); $expected = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; @@ -567,12 +567,12 @@ public function test_return_correct_login_url_if_user_is_object_using_default_ke /** * Test that we can return correct allowed mapping fields. */ - public function test_get_allowed_mapping_fields_list() { - $expected = array( + public function test_get_allowed_mapping_fields_list(): void { + $expected = [ 'username' => 'Username', 'email' => 'Email address', 'idnumber' => 'ID number', - ); + ]; $actual = $this->auth->get_allowed_mapping_fields(); @@ -582,14 +582,14 @@ public function test_get_allowed_mapping_fields_list() { /** * Test that we can get correct request parameters based on the plugin configuration. */ - public function test_get_request_login_url_user_parameters_based_on_plugin_config() { + public function test_get_request_login_url_user_parameters_based_on_plugin_config(): void { // Check email as it should be set by default. - $expected = array( + $expected = [ 'email' => new external_value( PARAM_EMAIL, 'A valid email address' ), - ); + ]; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); @@ -598,12 +598,12 @@ public function test_get_request_login_url_user_parameters_based_on_plugin_confi set_config('mappingfield', 'username', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); - $expected = array( + $expected = [ 'username' => new external_value( PARAM_USERNAME, 'Username' ), - ); + ]; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); @@ -612,12 +612,12 @@ public function test_get_request_login_url_user_parameters_based_on_plugin_confi set_config('mappingfield', 'idnumber', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); - $expected = array( + $expected = [ 'idnumber' => new external_value( PARAM_RAW, 'An arbitrary ID code number perhaps from the institution' ), - ); + ]; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); @@ -626,7 +626,7 @@ public function test_get_request_login_url_user_parameters_based_on_plugin_confi set_config('mappingfield', 'junkfield', 'auth_userkey'); $this->auth = new auth_plugin_userkey(); - $expected = array(); + $expected = []; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); @@ -634,32 +634,32 @@ public function test_get_request_login_url_user_parameters_based_on_plugin_confi // Check IP if iprestriction disabled. set_config('iprestriction', false, 'auth_userkey'); $this->auth = new auth_plugin_userkey(); - $expected = array(); + $expected = []; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); // Check IP if iprestriction enabled. set_config('iprestriction', true, 'auth_userkey'); $this->auth = new auth_plugin_userkey(); - $expected = array( + $expected = [ 'ip' => new external_value( PARAM_HOST, 'User IP address' ), - ); + ]; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); // Check IP if createuser enabled. set_config('createuser', true, 'auth_userkey'); $this->auth = new auth_plugin_userkey(); - $expected = array( + $expected = [ 'ip' => new external_value(PARAM_HOST, 'User IP address'), 'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL), 'lastname' => new external_value(PARAM_NOTAGS, 'The family name of the user', VALUE_OPTIONAL), 'email' => new external_value(PARAM_RAW_TRIMMED, 'A valid and unique email address', VALUE_OPTIONAL), 'username' => new external_value(PARAM_USERNAME, 'A valid and unique username', VALUE_OPTIONAL), - ); + ]; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); set_config('createuser', false, 'auth_userkey'); @@ -667,13 +667,13 @@ public function test_get_request_login_url_user_parameters_based_on_plugin_confi // Check IP if updateuser enabled. set_config('updateuser', true, 'auth_userkey'); $this->auth = new auth_plugin_userkey(); - $expected = array( + $expected = [ 'ip' => new external_value(PARAM_HOST, 'User IP address'), 'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL), 'lastname' => new external_value(PARAM_NOTAGS, 'The family name of the user', VALUE_OPTIONAL), 'email' => new external_value(PARAM_RAW_TRIMMED, 'A valid and unique email address', VALUE_OPTIONAL), 'username' => new external_value(PARAM_USERNAME, 'A valid and unique username', VALUE_OPTIONAL), - ); + ]; $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); set_config('updateuser', false, 'auth_userkey'); @@ -685,24 +685,24 @@ public function test_get_request_login_url_user_parameters_based_on_plugin_confi * @return array First element URL, the second URL is error message. Empty error massage means no errors. */ public function url_data_provider() { - return array( - array('', ''), - array('http://google.com/', ''), - array('https://google.com', ''), - array('http://some.very.long.and.silly.domain/with/a/path/', ''), - array('http://0.255.1.1/numericip.php', ''), - array('http://0.255.1.1/numericip.php?test=1&id=2', ''), - array('/just/a/path', 'You should provide valid URL'), - array('random string', 'You should provide valid URL'), - array(123456, 'You should provide valid URL'), - array('php://google.com', 'You should provide valid URL'), - ); + return [ + ['', ''], + ['http://google.com/', ''], + ['https://google.com', ''], + ['http://some.very.long.and.silly.domain/with/a/path/', ''], + ['http://0.255.1.1/numericip.php', ''], + ['http://0.255.1.1/numericip.php?test=1&id=2', ''], + ['/just/a/path', 'You should provide valid URL'], + ['random string', 'You should provide valid URL'], + [123456, 'You should provide valid URL'], + ['php://google.com', 'You should provide valid URL'], + ]; } /** * Test required parameter exception gets thrown id try to login, but key is not set. */ - public function test_required_parameter_exception_thrown_if_key_not_set() { + public function test_required_parameter_exception_thrown_if_key_not_set(): void { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('A required parameter (key) was missing'); @@ -712,7 +712,7 @@ public function test_required_parameter_exception_thrown_if_key_not_set() { /** * Test that incorrect key exception gets thrown if a key is incorrect. */ - public function test_invalid_key_exception_thrown_if_invalid_key() { + public function test_invalid_key_exception_thrown_if_invalid_key(): void { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('Incorrect key'); @@ -723,7 +723,7 @@ public function test_invalid_key_exception_thrown_if_invalid_key() { /** * Test that expired key exception gets thrown if a key is expired. */ - public function test_expired_key_exception_thrown_if_expired_key() { + public function test_expired_key_exception_thrown_if_expired_key(): void { $this->create_user_private_key(['validuntil' => time() - 3000]); $this->expectException(moodle_exception::class); @@ -736,7 +736,7 @@ public function test_expired_key_exception_thrown_if_expired_key() { /** * Test that IP address mismatch exception gets thrown if incorrect IP. */ - public function test_ipmismatch_exception_thrown_if_ip_is_incorrect() { + public function test_ipmismatch_exception_thrown_if_ip_is_incorrect(): void { $this->create_user_private_key(['iprestriction' => '192.168.1.1']); $_POST['key'] = 'TestKey'; @@ -751,7 +751,7 @@ public function test_ipmismatch_exception_thrown_if_ip_is_incorrect() { /** * Test that IP address mismatch exception gets thrown if incorrect IP and outside whitelist. */ - public function test_ipmismatch_exception_thrown_if_ip_is_outside_whitelist() { + public function test_ipmismatch_exception_thrown_if_ip_is_outside_whitelist(): void { set_config('ipwhitelist', '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16', 'auth_userkey'); $this->create_user_private_key(['iprestriction' => '192.161.1.1']); @@ -767,7 +767,7 @@ public function test_ipmismatch_exception_thrown_if_ip_is_outside_whitelist() { /** * Test that IP address mismatch exception gets thrown if user id is incorrect. */ - public function test_invalid_user_exception_thrown_if_user_is_invalid() { + public function test_invalid_user_exception_thrown_if_user_is_invalid(): void { $this->create_user_private_key([ 'userid' => 777, 'instance' => 777, @@ -786,7 +786,7 @@ public function test_invalid_user_exception_thrown_if_user_is_invalid() { /** * Test that key gets removed after a user logged in. */ - public function test_that_key_gets_removed_after_user_logged_in() { + public function test_that_key_gets_removed_after_user_logged_in(): void { global $DB; $this->create_user_private_key([ @@ -801,7 +801,7 @@ public function test_that_key_gets_removed_after_user_logged_in() { // Using @ is the only way to test this. Thanks moodle! @$this->auth->user_login_userkey(); } catch (moodle_exception $e) { - $keyexists = $DB->record_exists('user_private_key', array('value' => 'RemoveKey')); + $keyexists = $DB->record_exists('user_private_key', ['value' => 'RemoveKey']); $this->assertFalse($keyexists); } } @@ -809,7 +809,7 @@ public function test_that_key_gets_removed_after_user_logged_in() { /** * Test that a user logs in and gets redirected correctly. */ - public function test_that_user_logged_in_and_redirected() { + public function test_that_user_logged_in_and_redirected(): void { global $CFG; $this->create_user_private_key(); @@ -825,7 +825,7 @@ public function test_that_user_logged_in_and_redirected() { /** * Test that a user logs in correctly. */ - public function test_that_user_logged_in_correctly() { + public function test_that_user_logged_in_correctly(): void { global $USER, $SESSION; $this->create_user_private_key(); @@ -845,7 +845,7 @@ public function test_that_user_logged_in_correctly() { /** * Test that a user gets redirected to internal wantsurl URL successful log in. */ - public function test_that_user_gets_redirected_to_internal_wantsurl() { + public function test_that_user_gets_redirected_to_internal_wantsurl(): void { $this->create_user_private_key(); $_POST['key'] = 'TestKey'; $_POST['wantsurl'] = '/course/index.php?id=12&key=134'; @@ -860,7 +860,7 @@ public function test_that_user_gets_redirected_to_internal_wantsurl() { /** * Test that a user gets redirected to external wantsurl URL successful log in. */ - public function test_that_user_gets_redirected_to_external_wantsurl() { + public function test_that_user_gets_redirected_to_external_wantsurl(): void { $this->create_user_private_key(); $_POST['key'] = 'TestKey'; @@ -876,7 +876,7 @@ public function test_that_user_gets_redirected_to_external_wantsurl() { /** * Test that login hook redirects a user if skipsso not set and ssourl is set. */ - public function test_loginpage_hook_redirects_if_skipsso_not_set_and_ssourl_set() { + public function test_loginpage_hook_redirects_if_skipsso_not_set_and_ssourl_set(): void { global $SESSION; $SESSION->enrolkey_skipsso = 0; @@ -892,7 +892,7 @@ public function test_loginpage_hook_redirects_if_skipsso_not_set_and_ssourl_set( /** * Test that login hook does not redirect a user if skipsso not set and ssourl is not set. */ - public function test_loginpage_hook_does_not_redirect_if_skipsso_not_set_and_ssourl_not_set() { + public function test_loginpage_hook_does_not_redirect_if_skipsso_not_set_and_ssourl_not_set(): void { global $SESSION; $SESSION->enrolkey_skipsso = 0; @@ -905,7 +905,7 @@ public function test_loginpage_hook_does_not_redirect_if_skipsso_not_set_and_sso /** * Test that login hook does not redirect a user if skipsso is set and ssourl is not set. */ - public function test_loginpage_hook_does_not_redirect_if_skipsso_set_and_ssourl_not_set() { + public function test_loginpage_hook_does_not_redirect_if_skipsso_set_and_ssourl_not_set(): void { global $SESSION; $SESSION->enrolkey_skipsso = 1; @@ -918,7 +918,7 @@ public function test_loginpage_hook_does_not_redirect_if_skipsso_set_and_ssourl_ /** * Test that pre login hook redirects a user if skipsso not set and ssourl is set. */ - public function test_pre_loginpage_hook_redirects_if_skipsso_not_set_and_ssourl_set() { + public function test_pre_loginpage_hook_redirects_if_skipsso_not_set_and_ssourl_set(): void { global $SESSION; $SESSION->enrolkey_skipsso = 0; @@ -934,7 +934,7 @@ public function test_pre_loginpage_hook_redirects_if_skipsso_not_set_and_ssourl_ /** * Test that pre login hook does not redirect a user if skipsso is not set and ssourl is not set. */ - public function test_pre_loginpage_hook_does_not_redirect_if_skipsso_not_set_and_ssourl_not_set() { + public function test_pre_loginpage_hook_does_not_redirect_if_skipsso_not_set_and_ssourl_not_set(): void { global $SESSION; $SESSION->enrolkey_skipsso = 0; @@ -947,7 +947,7 @@ public function test_pre_loginpage_hook_does_not_redirect_if_skipsso_not_set_and /** * Test that login page hook does not redirect a user if skipsso is set and ssourl is not set. */ - public function test_pre_loginpage_hook_does_not_redirect_if_skipsso_set_and_ssourl_not_set() { + public function test_pre_loginpage_hook_does_not_redirect_if_skipsso_set_and_ssourl_not_set(): void { global $SESSION; $SESSION->enrolkey_skipsso = 1; @@ -960,7 +960,7 @@ public function test_pre_loginpage_hook_does_not_redirect_if_skipsso_set_and_sso /** * Test that if one user logged, he will be logged out before a new one is authorised. */ - public function test_that_different_authorised_user_is_logged_out_and_new_one_logged_in() { + public function test_that_different_authorised_user_is_logged_out_and_new_one_logged_in(): void { global $USER, $SESSION; $user = $this->getDataGenerator()->create_user(); @@ -984,7 +984,7 @@ public function test_that_different_authorised_user_is_logged_out_and_new_one_lo /** * Test that authorised user gets logged out when trying to logged in with invalid key. */ - public function test_if_invalid_key_authorised_user_gets_logged_out() { + public function test_if_invalid_key_authorised_user_gets_logged_out(): void { global $USER, $SESSION; $user = $this->getDataGenerator()->create_user(); @@ -1008,7 +1008,7 @@ public function test_if_invalid_key_authorised_user_gets_logged_out() { /** * Test if a user is logged in and tries to log in again it stays logged in. */ - public function test_that_already_logged_in_user_stays_logged_in() { + public function test_that_already_logged_in_user_stays_logged_in(): void { global $DB, $USER, $SESSION; $this->setUser($this->user); @@ -1025,7 +1025,7 @@ public function test_that_already_logged_in_user_stays_logged_in() { $this->assertEquals($this->user->id, $USER->id); $this->assertSame(sesskey(), $USER->sesskey); $this->assertObjectNotHasProperty('userkey', $SESSION); - $keyexists = $DB->record_exists('user_private_key', array('value' => 'TestKey')); + $keyexists = $DB->record_exists('user_private_key', ['value' => 'TestKey']); $this->assertFalse($keyexists); } } @@ -1033,7 +1033,7 @@ public function test_that_already_logged_in_user_stays_logged_in() { /** * Test when try to logout, but required return is not set. */ - public function test_user_logout_userkey_when_required_return_not_set() { + public function test_user_logout_userkey_when_required_return_not_set(): void { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('A required parameter (return) was missing'); @@ -1043,7 +1043,7 @@ public function test_user_logout_userkey_when_required_return_not_set() { /** * Test when try to logout, but user is not logged in. */ - public function test_user_logout_userkey_when_user_is_not_logged_in() { + public function test_user_logout_userkey_when_user_is_not_logged_in(): void { $_POST['return'] = self::REDIRECTION_PATH; $this->expectException(moodle_exception::class); @@ -1057,7 +1057,7 @@ public function test_user_logout_userkey_when_user_is_not_logged_in() { /** * Test when try to logout, but user logged in with different auth type. */ - public function test_user_logout_userkey_when_user_logged_in_with_different_auth() { + public function test_user_logout_userkey_when_user_logged_in_with_different_auth(): void { global $USER; $_POST['return'] = self::REDIRECTION_PATH; @@ -1078,7 +1078,7 @@ public function test_user_logout_userkey_when_user_logged_in_with_different_auth /** * Test when try to logout, but user logged in with different auth type. */ - public function test_user_logout_userkey_when_user_logged_in_but_return_not_set() { + public function test_user_logout_userkey_when_user_logged_in_but_return_not_set(): void { $this->setUser($this->user); $this->expectException(moodle_exception::class); @@ -1090,7 +1090,7 @@ public function test_user_logout_userkey_when_user_logged_in_but_return_not_set( /** * Test successful logout. */ - public function test_user_logout_userkey_logging_out() { + public function test_user_logout_userkey_logging_out(): void { global $USER; $this->setUser($this->user); diff --git a/tests/core_userkey_manager_test.php b/tests/core_userkey_manager_test.php index a5d1709..a09e265 100644 --- a/tests/core_userkey_manager_test.php +++ b/tests/core_userkey_manager_test.php @@ -28,16 +28,16 @@ * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class core_userkey_manager_test extends \advanced_testcase { +final class core_userkey_manager_test extends \advanced_testcase { /** * Test user object. - * @var + * @var $user */ protected $user; /** * Test config object. - * @var + * @var $config */ protected $config; @@ -55,10 +55,36 @@ public function setUp(): void { $this->config = new \stdClass(); } + /** + * Core validate function used for testing validate_iprestriction. + * @param string $allowips Allow ips. + * @param string $script Script. + * @param ?string $iprestriction Ips restriction list. + * @param int $keylifetime Key lifetime. + * @return void + * @throws \dml_exception + */ + private function validate_iprestriction(string $allowips = '', string $script = 'auth/userkey', ?string $iprestriction = null, + int $keylifetime = 60): void { + global $DB; + $manager = new core_userkey_manager($this->config); + if ($allowips) { + $value = $manager->create_key($this->user->id, $allowips); + } else { + $value = $manager->create_key($this->user->id); + } + $actualkey = $DB->get_record('user_private_key', ['userid' => $this->user->id]); + $this->assertEquals($value, $actualkey->value); + $this->assertEquals($this->user->id, $actualkey->userid); + $this->assertEquals($script, $actualkey->script); + $this->assertEquals($this->user->id, $actualkey->instance); + $this->assertEquals($iprestriction, $actualkey->iprestriction); + $this->assertEquals(time() + $keylifetime, $actualkey->validuntil); + } /** * Test that core_userkey_manager implements userkey_manager_interface interface. */ - public function test_implements_userkey_manager_interface() { + public function test_implements_userkey_manager_interface(): void { $manager = new core_userkey_manager($this->config); $expected = 'auth_userkey\userkey_manager_interface'; @@ -68,89 +94,83 @@ public function test_implements_userkey_manager_interface() { /** * Test that key gets created correctly if config option iprestriction is not set. */ - public function test_create_correct_key_if_iprestriction_is_not_set() { - global $DB; - + public function test_create_correct_key_if_iprestriction_is_not_set(): void { $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals(null, $actualkey->iprestriction); - $this->assertEquals(time() + 60, $actualkey->validuntil); + $this->validate_iprestriction(); } /** * Test that key gets created correctly if config option iprestriction is set to true. */ - public function test_create_correct_key_if_iprestriction_is_true() { - global $DB; - + public function test_create_correct_key_if_iprestriction_is_true(): void { $this->config->iprestriction = true; $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); + $this->validate_iprestriction(iprestriction: '192.168.1.1'); + } - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals('192.168.1.1', $actualkey->iprestriction); - $this->assertEquals(time() + 60, $actualkey->validuntil); + /** + * Test that key gets created correctly if config option iprestriction is set to a string. + */ + public function test_create_correct_key_if_iprestriction_is_string(): void { + $this->config->iprestriction = 'string'; + $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; + $this->validate_iprestriction(iprestriction: '192.168.1.1'); } + /** * Test that key gets created correctly if config option iprestriction is set to true and we set allowedips. */ - public function test_create_correct_key_if_iprestriction_is_true_and_we_set_allowedips() { - global $DB; - + public function test_create_correct_key_if_iprestriction_is_true_and_we_set_allowedips(): void { $this->config->iprestriction = true; - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id, '192.168.1.3'); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals('192.168.1.3', $actualkey->iprestriction); - $this->assertEquals(time() + 60, $actualkey->validuntil); + $this->validate_iprestriction(allowips:'192.168.1.3', iprestriction: '192.168.1.3'); } /** * Test that key gets created correctly if config option iprestriction is set to false. */ - public function test_create_correct_key_if_iprestriction_is_false() { - global $DB; + public function test_create_correct_key_if_iprestriction_is_false(): void { + $this->config->iprestriction = false; + $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; + $this->validate_iprestriction(); + } + + /** + * Test that key gets created correctly if config option iprestriction is set to false and we set allowedips. + */ + public function test_create_correct_key_if_iprestriction_is_falseand_we_set_allowedips(): void { $this->config->iprestriction = false; $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id); + $this->validate_iprestriction(); + } - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); + /** + * Test that key gets created correctly if config option keylifetime is not set. + */ + public function test_create_correct_key_if_keylifetime_is_not_set(): void { + $this->validate_iprestriction(); + } - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals(null, $actualkey->iprestriction); - $this->assertEquals(time() + 60, $actualkey->validuntil); + /** + * Test that key gets created correctly if config option keylifetime is set to integer. + */ + public function test_create_correct_key_if_keylifetime_is_set_to_integer(): void { + $this->config->keylifetime = 3000; + $this->validate_iprestriction(keylifetime: 3000); } + /** + * Test that key gets created correctly if config option keylifetime is set to a string. + */ + public function test_create_correct_key_if_keylifetime_is_set_to_string(): void { + $this->config->keylifetime = '3000'; + $this->validate_iprestriction(keylifetime: 3000); + } /** * Test that IP address mismatch exception gets thrown if incorrect IP and outside whitelist. */ - public function test_exception_if_ip_is_outside_whitelist() { + public function test_exception_if_ip_is_outside_whitelist(): void { global $DB; $this->config->iprestriction = true; @@ -170,7 +190,7 @@ public function test_exception_if_ip_is_outside_whitelist() { /** * Test that IP address mismatch exception gets thrown if incorrect IP and outside whitelist. */ - public function test_create_correct_key_if_ip_correct_not_whitelisted_and_whitelist_set() { + public function test_create_correct_key_if_ip_correct_not_whitelisted_and_whitelist_set(): void { global $DB; $this->config->iprestriction = true; @@ -189,7 +209,7 @@ public function test_create_correct_key_if_ip_correct_not_whitelisted_and_whitel /** * Test that key is accepted if incorrect IP and within whitelist. */ - public function test_create_correct_key_if_ip_is_whitelisted() { + public function test_create_correct_key_if_ip_is_whitelisted(): void { global $DB; $this->config->iprestriction = true; @@ -205,133 +225,29 @@ public function test_create_correct_key_if_ip_is_whitelisted() { $this->assertEquals($this->user->id, $key->userid); } - /** - * Test that key gets created correctly if config option iprestriction is set to false and we set allowedips. - */ - public function test_create_correct_key_if_iprestriction_is_falseand_we_set_allowedips() { - global $DB; - - $this->config->iprestriction = false; - $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id, '192.168.1.1'); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals(null, $actualkey->iprestriction); - $this->assertEquals(time() + 60, $actualkey->validuntil); - } - - /** - * Test that key gets created correctly if config option iprestriction is set to a string. - */ - public function test_create_correct_key_if_iprestriction_is_string() { - global $DB; - - $this->config->iprestriction = 'string'; - $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals('192.168.1.1', $actualkey->iprestriction); - $this->assertEquals(time() + 60, $actualkey->validuntil); - } - - /** - * Test that key gets created correctly if config option keylifetime is not set. - */ - public function test_create_correct_key_if_keylifetime_is_not_set() { - global $DB; - - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals(null, $actualkey->iprestriction); - $this->assertEquals(time() + 60, $actualkey->validuntil); - } - - /** - * Test that key gets created correctly if config option keylifetime is set to integer. - */ - public function test_create_correct_key_if_keylifetime_is_set_to_integer() { - global $DB; - - $this->config->keylifetime = 3000; - - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals(null, $actualkey->iprestriction); - $this->assertEquals(time() + 3000, $actualkey->validuntil); - - } - - /** - * Test that key gets created correctly if config option keylifetime is set to a string. - */ - public function test_create_correct_key_if_keylifetime_is_set_to_string() { - global $DB; - - $this->config->keylifetime = '3000'; - - $manager = new core_userkey_manager($this->config); - $value = $manager->create_key($this->user->id); - - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - - $this->assertEquals($value, $actualkey->value); - $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); - $this->assertEquals($this->user->id, $actualkey->instance); - $this->assertEquals(null, $actualkey->iprestriction); - $this->assertEquals(time() + 3000, $actualkey->validuntil); - - } /** * Test that we can delete created key. */ - public function test_can_delete_created_key() { + public function test_can_delete_created_key(): void { global $DB; $manager = new core_userkey_manager($this->config); $value = $manager->create_key($this->user->id); - $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $this->user->id]); $this->assertEquals(1, count($keys)); $manager->delete_keys($this->user->id); - $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $this->user->id]); $this->assertEquals(0, count($keys)); } /** * Test that we can delete all existing keys. */ - public function test_can_delete_all_existing_keys() { + public function test_can_delete_all_existing_keys(): void { global $DB; $manager = new core_userkey_manager($this->config); @@ -340,19 +256,19 @@ public function test_can_delete_all_existing_keys() { create_user_key('auth/userkey', $this->user->id); create_user_key('auth/userkey', $this->user->id); - $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $this->user->id]); $this->assertEquals(3, count($keys)); $manager->delete_keys($this->user->id); - $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $this->user->id]); $this->assertEquals(0, count($keys)); } /** * Test that we create only one key. */ - public function test_create_only_one_key() { + public function test_create_only_one_key(): void { global $DB; $manager = new core_userkey_manager($this->config); @@ -361,11 +277,11 @@ public function test_create_only_one_key() { create_user_key('auth/userkey', $this->user->id); create_user_key('auth/userkey', $this->user->id); - $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $this->user->id]); $this->assertEquals(3, count($keys)); $manager->create_key($this->user->id); - $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); + $keys = $DB->get_records('user_private_key', ['userid' => $this->user->id]); $this->assertEquals(1, count($keys)); } } diff --git a/tests/externallib_test.php b/tests/externallib_test.php index 58f26a4..dac2b97 100644 --- a/tests/externallib_test.php +++ b/tests/externallib_test.php @@ -15,6 +15,7 @@ // along with Moodle. If not, see . namespace auth_userkey; +defined('MOODLE_INTERNAL') || die(); use advanced_testcase; use webservice_access_exception; @@ -23,9 +24,7 @@ use invalid_parameter_exception; use required_capability_exception; use context_system; - global $CFG; - require_once($CFG->dirroot . '/webservice/lib.php'); require_once($CFG->dirroot . '/auth/userkey/externallib.php'); @@ -38,23 +37,24 @@ * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class externallib_test extends advanced_testcase { +final class externallib_test extends advanced_testcase { /** * User object. * - * @var + * @var $user. */ - protected $user = array(); + protected $user = []; /** * Initial set up. */ public function setUp(): void { global $CFG; + parent::setUp(); $this->resetAfterTest(); - $user = array(); + $user = []; $user['username'] = 'username'; $user['email'] = 'exists@test.com'; $user['idnumber'] = 'idnumber'; @@ -64,12 +64,12 @@ public function setUp(): void { /** * Test call with incorrect required parameter. */ - public function test_throwing_plugin_disabled_exception() { + public function test_throwing_plugin_disabled_exception(): void { $this->setAdminUser(); - $params = array( + $params = [ 'bla' => 'exists@test.com', - ); + ]; $this->expectException(webservice_access_exception::class); $this->expectExceptionMessage('Access control exception (The userkey authentication plugin is disabled.)'); @@ -82,22 +82,22 @@ public function test_throwing_plugin_disabled_exception() { /** * Test successful web service calls. */ - public function test_successful_webservice_calls() { + public function test_successful_webservice_calls(): void { global $DB, $CFG; $CFG->auth = "userkey"; $this->setAdminUser(); // Email. - $params = array( + $params = [ 'email' => 'exists@test.com', - ); + ]; // Simulate the web service server. $result = auth_userkey_external::request_login_url($params); $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); + $actualkey = $DB->get_record('user_private_key', ['userid' => $this->user->id]); $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); @@ -106,15 +106,15 @@ public function test_successful_webservice_calls() { // Username. set_config('mappingfield', 'username', 'auth_userkey'); - $params = array( + $params = [ 'username' => 'username', - ); + ]; // Simulate the web service server. $result = auth_userkey_external::request_login_url($params); $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); + $actualkey = $DB->get_record('user_private_key', ['userid' => $this->user->id]); $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); @@ -123,15 +123,15 @@ public function test_successful_webservice_calls() { // Idnumber. set_config('mappingfield', 'idnumber', 'auth_userkey'); - $params = array( + $params = [ 'idnumber' => 'idnumber', - ); + ]; // Simulate the web service server. $result = auth_userkey_external::request_login_url($params); $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); + $actualkey = $DB->get_record('user_private_key', ['userid' => $this->user->id]); $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); @@ -141,16 +141,16 @@ public function test_successful_webservice_calls() { // IP restriction. set_config('iprestriction', true, 'auth_userkey'); set_config('mappingfield', 'idnumber', 'auth_userkey'); - $params = array( + $params = [ 'idnumber' => 'idnumber', 'ip' => '192.168.1.1', - ); + ]; // Simulate the web service server. $result = auth_userkey_external::request_login_url($params); $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); + $actualkey = $DB->get_record('user_private_key', ['userid' => $this->user->id]); $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); @@ -161,15 +161,15 @@ public function test_successful_webservice_calls() { /** * Test call with missing email required parameter. */ - public function test_exception_thrown_if_required_parameter_email_is_not_set() { + public function test_exception_thrown_if_required_parameter_email_is_not_set(): void { global $CFG; $this->setAdminUser(); $CFG->auth = "userkey"; - $params = array( + $params = [ 'bla' => 'exists@test.com', - ); + ]; $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)'); @@ -180,7 +180,7 @@ public function test_exception_thrown_if_required_parameter_email_is_not_set() { /** * Test call with missing ip required parameter. */ - public function test_exception_thrown_if_required_parameter_op_is_not_set() { + public function test_exception_thrown_if_required_parameter_op_is_not_set(): void { global $CFG; $this->setAdminUser(); @@ -188,9 +188,9 @@ public function test_exception_thrown_if_required_parameter_op_is_not_set() { set_config('iprestriction', true, 'auth_userkey'); - $params = array( + $params = [ 'email' => 'exists@test.com', - ); + ]; $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)'); @@ -201,15 +201,15 @@ public function test_exception_thrown_if_required_parameter_op_is_not_set() { /** * Test request for a user who is not exist. */ - public function test_request_not_existing_user() { + public function test_request_not_existing_user(): void { global $CFG; $this->setAdminUser(); $CFG->auth = "userkey"; - $params = array( + $params = [ 'email' => 'notexists@test.com', - ); + ]; $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (User is not exist)'); @@ -222,15 +222,15 @@ public function test_request_not_existing_user() { /** * Test that permission exception gets thrown if user doesn't have required permissions. */ - public function test_throwing_of_permission_exception() { + public function test_throwing_of_permission_exception(): void { global $CFG; $this->setUser($this->user); $CFG->auth = "userkey"; - $params = array( + $params = [ 'email' => 'notexists@test.com', - ); + ]; $this->expectException(required_capability_exception::class); $this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)'); @@ -243,26 +243,26 @@ public function test_throwing_of_permission_exception() { /** * Test request gets executed correctly if use has required permissions. */ - public function test_request_gets_executed_if_user_has_permission() { + public function test_request_gets_executed_if_user_has_permission(): void { global $CFG, $DB; $this->setUser($this->user); $CFG->auth = "userkey"; $context = context_system::instance(); - $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); + $studentrole = $DB->get_record('role', ['shortname' => 'student'], '*', MUST_EXIST); assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id); role_assign($studentrole->id, $this->user->id, $context->id); - $params = array( + $params = [ 'email' => 'exists@test.com', - ); + ]; // Simulate the web service server. $result = auth_userkey_external::request_login_url($params); $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); - $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); + $actualkey = $DB->get_record('user_private_key', ['userid' => $this->user->id]); $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); diff --git a/tests/fake_userkey_manager.php b/tests/fake_userkey_manager.php index 5c554c2..362382a 100644 --- a/tests/fake_userkey_manager.php +++ b/tests/fake_userkey_manager.php @@ -24,7 +24,6 @@ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class fake_userkey_manager implements userkey_manager_interface { - /** * Create key. * diff --git a/version.php b/version.php index 354bc71..d5a6198 100644 --- a/version.php +++ b/version.php @@ -24,9 +24,9 @@ defined('MOODLE_INTERNAL') || die; -$plugin->version = 2022081901; // The current plugin version (Date: YYYYMMDDXX). -$plugin->release = 2022081901; // Match release exactly to version. +$plugin->version = 2022081902; // The current plugin version (Date: YYYYMMDDXX). +$plugin->release = 2022081902; // Match release exactly to version. $plugin->requires = 2017051500; // Requires Moodle 3.3 version. $plugin->component = 'auth_userkey'; // Full name of the plugin (used for diagnostics). $plugin->maturity = MATURITY_STABLE; -$plugin->supported = [33, 401]; // A range of branch numbers of supported moodle versions. +$plugin->supported = [405, 500]; // A range of branch numbers of supported moodle versions.